|
|
Family: SuSE Local Security Checks --> Category: infos
SUSE-SA:2005:071: perl Vulnerability Scan
Vulnerability Scan Summary
Check for the version of the perl package
Detailed Explanation for this Vulnerability Test
The remote host is missing the patch for the advisory SUSE-SA:2005:071 (perl).
Integer overflows in the format string functionality in Perl allows
attackers to overwrite arbitrary memory and possibly execute arbitrary
code via format string specifiers with large values, which causes an
integer wrap.
This requires the attacker to be able to supply format strings to the
application, which unfortunately is true for some web applications.
This issue is tracked by the Mitre CVE ID CVE-2005-3962.
Solution : http://www.suse.de/security/advisories/2005_71_perl.html
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.
|
